autumn_harvest/

lib.rs

//! Durable workflow orchestration engine core.

/// Embedded migrations for the harvest engine schema.
///
/// Downstream crates (such as `autumn-harvest-plugin`) should consume this
/// const instead of invoking `diesel_migrations::embed_migrations!()` against
/// this crate's path. Proc-macro path arguments are resolved at the *consumer's*
/// compile-time location, which doesn't survive `cargo publish` because the
/// upstream crate's directory layout isn't available in the downstream's
/// packaged tarball. Centralising the macro invocation here keeps the path
/// resolution local to this crate, where the `migrations/` directory always
/// ships alongside.
#[cfg(feature = "db")]
#[macro_export]
macro_rules! cfg_db {
    ($($item:item)*) => {
        $($item)*
    };
}

#[cfg(not(feature = "db"))]
#[macro_export]
macro_rules! cfg_db {
    ($($item:item)*) => {};
}

#[cfg(feature = "db")]
pub const MIGRATIONS: diesel_migrations::EmbeddedMigrations =
    diesel_migrations::embed_migrations!();

// Consume the env var emitted by build.rs so that Cargo recompiles this
// crate (and re-runs embed_migrations!()) whenever a migration is added or
// removed — even when only the migrations/ directory changed and no Rust
// source file was edited.
#[cfg(feature = "db")]
const _MIGRATIONS_LIST: &str = env!("HARVEST_MIGRATIONS_LIST");

/// Admission gate primitive for incident-response operators (issue #377).
pub mod admission_gate;
/// History analyzer and linter.
pub mod analyzer;
/// Audit trail for management API mutations (issue #158).
#[cfg(feature = "db")]
pub mod audit;
/// Batch operations for fleet-wide workflow cancel/terminate/signal (issue #102).
pub mod batch;
/// Batch workflow start types: caps and per-item request/result structs (issue #357).
pub mod batch_start;
/// Worker build-id routing for safe rolling deploys (issue #171).
#[cfg(feature = "db")]
pub mod build_routing;
pub mod builder;
pub mod cache;
/// Calendar-aware schedule filtering: named exclusion sets, skip policies, and
/// schedule preview generation (issue #337).
pub mod calendar;
/// Per-activity circuit breaker that fast-fails dispatch during downstream
/// outages (issue #369).
pub mod circuit_breaker;
pub mod completion_trigger;
/// Per-key concurrency limits for tenant fair-share scheduling (issue #247).
pub mod concurrency;
pub mod context;
pub mod critical_path;
pub mod dag;
/// Export format types for Directed Acyclic Graphs (DAGs) representing workflows.
pub mod dag_export;
pub mod dag_linter;
#[cfg(feature = "testing")]
pub mod dag_profiler;
#[cfg(any(test, feature = "testing"))]
pub mod dag_simulator;
/// Deterministic workflow guardrails: static source-level check for replay-breaking patterns.
pub mod det_check;
pub mod diagnostic;
pub mod eligibility;
pub mod error;
pub mod event;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod execution;
pub mod executor;
#[cfg(feature = "db")]
pub mod external_task;
pub mod failure;
/// Deterministic workflow guardrail rule catalog (issue #173).
pub mod guardrail;
#[cfg(feature = "db")]
pub mod handle;
#[cfg(feature = "db")]
pub mod handle_typed;
pub mod history_export;
pub mod info;
/// `metrics` crate adapter for [`telemetry::MetricsRecorder`].
///
/// Bridges every `record_*` call to the global [`metrics`] registry so
/// applications using `metrics-exporter-prometheus` or another compatible
/// backend get harvest engine metrics without any extra glue code.
///
/// Enabled by the `metrics-rs` cargo feature.
#[cfg(feature = "metrics-rs")]
pub mod metrics_rs_adapter;
pub mod payload_codec;
pub mod poison_pill;
pub mod policy;
pub mod pool;
pub mod prelude;
/// Types and definitions for querying workflow state and metadata.
pub mod query;
pub mod replay;
#[cfg(feature = "db")]
pub mod reset;
pub mod retention;
pub mod saga;
pub mod shard;
pub mod simulator;
/// OpenTelemetry integration: trace-context propagation and metrics.
pub mod telemetry;
#[cfg(any(test, feature = "testing"))]
pub mod test_generator;
/// Replay test harness for verifying workflow determinism pre-deploy.
#[cfg(any(test, feature = "testing"))]
pub mod testing;
pub mod types;
pub mod update;
#[cfg(feature = "db")]
pub mod version_gate_retirement;
#[cfg(feature = "db")]
pub mod version_usage;

#[cfg(feature = "db")]
#[doc(hidden)]
pub mod dlq;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod heartbeat;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod models;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod notify;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod queue;
#[cfg(feature = "db")]
pub mod schedule_decision;
#[cfg(feature = "db")]
pub mod scheduler;
#[cfg(feature = "db")]
#[allow(clippy::wildcard_imports)]
#[doc(hidden)]
pub mod schema;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod signal;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod store;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod timeout;
#[cfg(feature = "db")]
#[doc(hidden)]
pub mod worker;
#[cfg(feature = "db")]
pub mod workers;

pub use admission_gate::{
    AdmissionGate, AdmissionGateCache, AdmissionGateId, AdmissionGateView, GateScope,
    MAX_ACTIVE_GATES, check_admission,
};
pub use analyzer::{
    AnalyzerRule, AnalyzerWarning, ExcessiveRetriesRule, HistoryAnalyzer, LargePayloadRule,
    SuspiciousTimerRule,
};
pub use builder::{
    BuiltHarvest, HarvestBuilder, HarvestBuilderError, StickyRoutingConfig, WorkerConfig,
};
pub use cache::{CachedWorkflowState, WorkflowCache};
#[cfg(feature = "db")]
pub use calendar::{
    BackfillSlot, create_calendar, delete_calendar, get_calendar, list_calendars,
    load_exclusions_for_calendar, plan_backfill_with_calendar, preview_schedule_firings,
    replace_calendar_exclusions,
};
pub use calendar::{
    Calendar, ScheduleFirePreview, apply_skip_policy, calendar_excludes_weekends, is_excluded_date,
};
pub use completion_trigger::{CompletionTrigger, InputMapping, TerminalState};
pub use context::{
    ActivityContext, DEFAULT_HISTORY_CONTINUE_AS_NEW_THRESHOLD, WorkflowCommand, WorkflowContext,
    WorkflowHistoryPolicy,
};
pub use critical_path::{CriticalPathAnalyzer, CriticalPathResult};
pub use dag::{
    DagBuildError, DagBuilder, DagCondition, DagDefinition, DagDispatchDecision, DagMapTaskRef,
    DagTask, DagTaskRef,
};
pub use dag_export::{export_dot, export_mermaid};
pub use dag_linter::{
    DagLinter, DagRule, DagWarning, ExcessiveParallelismRule, MissingRetryPolicyRule,
    MissingTimeoutRule,
};
#[cfg(feature = "testing")]
pub use dag_profiler::{DagProfile, DagProfiler, ProfilerEvent, ProfilerEventKind};
#[cfg(any(test, feature = "testing"))]
pub use dag_simulator::{DagSimulator, DagSimulatorResult};
pub use det_check::{
    DetCheckReport, DetFinding, DetLocation, DetSeverity, DetSuppression, check_dir, check_file,
    check_source,
};
pub use diagnostic::{DiagnosticReport, SimulatorResultExt};
pub use error::{HarvestError, HarvestResult, TimeoutType};
pub use event::{SideEffectKind, WorkflowEvent};
#[cfg(feature = "db")]
pub use execution::{
    CancelledWorkflowExecution, PausedWorkflowExecution, ResumedWorkflowExecution,
    SignalWithStartOutcome, SignalWithStartParams, StartWorkflowParams, StartedWorkflowExecution,
    UpdateWithStartOutcome, UpdateWithStartParams, auto_resume_expired_pauses,
    cancel_workflow_execution, pause_workflow_execution, resume_workflow_execution,
    signal_with_start_workflow_execution, start_or_load_workflow_execution,
    terminate_workflow_execution, update_with_start_workflow_execution,
};
pub use executor::{WorkflowOutcome, run_workflow};
pub use guardrail::{
    GuardrailFinding, GuardrailSuppression, GuardrailSuppressionError, RuleCategory, RuleEntry,
    Severity, catalog as guardrail_catalog, rule_by_id as guardrail_rule_by_id,
};
#[cfg(feature = "db")]
pub use handle::{
    StartedWorkflowHandle, WorkflowHandle, WorkflowHandleClient, WorkflowResult,
    WorkflowResultState, start_or_load_workflow_execution_with_handle,
};
#[cfg(feature = "db")]
pub use handle_typed::{
    TypedSignalWithStartOptions, TypedStartOptions, TypedUpdateWithStartOptions,
    TypedWorkflowHandle, TypedWorkflowResult,
};
pub use history_export::{
    DEFAULT_HISTORY_EXPORT_MAX_BYTES, HISTORY_EXPORT_SCHEMA, HISTORY_EXPORT_VERSION,
    HistoryExportDocument, HistoryExportError, HistoryExportRequest, HistoryExportSizeLimit,
    HistoryExportStatus, HistoryPayloadPolicy, export_history, export_mermaid_sequence,
};
pub use info::{
    ActivityHandlerFn, ActivityInfo, DagInfo, QueryHandlerFn, QueryHandlerInfo, UpdateHandlerFn,
    UpdateHandlerInfo, UpdateValidatorFn, WorkflowHandlerFn, WorkflowInfo,
};
pub use payload_codec::{CodecError, IdentityCodec, PayloadCodec, PayloadCodecs};
pub use policy::validate_schedule;
pub use policy::{
    CatchupPolicy, MapFailurePolicy, OverlapPolicy, RetryPolicy, Schedule, SkipPolicy, TaskStatus,
    TriggerRule, WorkflowSchedule,
};
pub use pool::{HarvestPoolConfig, compute_pool_sizes};
pub use query::QueryRegistry;
pub use replay::{HistoryMatch, HistoryMatcher, SignalOrTimerMatch};
#[cfg(feature = "db")]
pub use reset::{
    ResetInvalidPoint, ResetPlan, ResetResult, ResetSignalReapplyPolicy, ResetUnresolvedSideEffect,
    WorkflowResetError, WorkflowResetRequest, preview_workflow_reset, reset_workflow_execution,
    validate_reset_point,
};
pub use retention::{ArchiverFuture, HistoryArchiver, RetentionConfig};
#[cfg(feature = "db")]
pub use retention::{RetentionMonitor, RetentionRuntime, RetentionStatus, RetentionTickResult};
pub use saga::Saga;
#[cfg(feature = "db")]
pub use schedule_decision::record_decision_graceful;
#[cfg(feature = "db")]
pub use scheduler::{
    DagCatalog, RegisteredDag, SchedulerMonitor, SchedulerRuntime, compile_dag_catalog,
    register_schedules, register_workflow_schedules, tick_once, trigger_unified_dag,
};
pub use shard::ShardRouter;
#[cfg(feature = "db")]
pub use shard::ShardedDbPool;
pub use simulator::{SimulatorResult, WorkflowSimulator};
#[cfg(feature = "db")]
pub use store::AwaitMode;
pub use telemetry::{
    ActivityStatus, MetricsRecorder, NoOpMetrics, NoOpPropagator, TelemetryConfig,
    TelemetryConfigBuilder, TraceContextCarrier, TraceContextPropagator, WorkflowStatus,
};
#[cfg(any(test, feature = "testing"))]
pub use test_generator::TestHarnessGenerator;
#[cfg(feature = "testing")]
pub use testing::{
    BatchReplayReport, CiReport, FailOnMode, FixtureResult, FixtureStatus, HarnessErrorKind,
    ReplayVerifier, ReportFormat, TestRunOutcome, WorkflowTestEnv,
};
#[cfg(any(test, feature = "testing"))]
pub use testing::{
    HistorySnapshot, NonDeterminismKind, ReplayReport, ReplayStatus, WorkflowReplayer,
};
pub use types::{
    ActivityExecId, BuildId, DeploymentName, ExecutionId, ExternalActivityToken, ExternalCancelId,
    ExternalSignalId, ParentClosePolicy, Priority, ShardId, TimerId, UpdateId, WorkerId,
    WorkflowId, WorkflowIdReusePolicy,
};
pub use update::UpdateRegistry;
#[cfg(feature = "db")]
pub use version_usage::{
    VersionExecutionStateGroup, VersionUsageFilters, VersionUsageShardRow, load_version_usage,
};

#[cfg(feature = "db")]
pub use store::EventHistory;

#[cfg(feature = "db")]
pub use models::{AuditRecord, NewAuditRecord};

#[cfg(feature = "db")]
pub use diesel;
#[cfg(feature = "db")]
pub use diesel_async;

#[cfg(feature = "db")]
pub use queue::{ConcurrencyKeyStats, QueueScalingSignal, QueueTaskCounts, queue_task_counts};

// Allow macro-generated code to use ::autumn_harvest::serde_json
pub use serde_json;
// Allow macro-generated code to use ::autumn_harvest::serde
pub use serde;
// Allow macro-generated code to use ::autumn_harvest::chrono
pub use chrono;
// Allow macro-generated code to use ::autumn_harvest::uuid (e.g. update_with_start UUIDv5 derivation)
pub use uuid;
// Allow macro-generated code to use ::autumn_harvest::futures.
#[doc(hidden)]
pub use futures;

/// Parse a human-readable byte-size string like `"2MiB"`, `"256KiB"`, `"4MB"`.
///
/// Accepted suffixes: `KiB`, `KB`, `MiB`, `MB`, `GiB`, `GB`, or no suffix for
/// plain bytes. Returns `None` for empty strings or unrecognised suffixes.
///
/// ## Examples
///
/// ```rust
/// assert_eq!(autumn_harvest::parse_byte_size("2MiB"), Some(2 * 1024 * 1024));
/// assert_eq!(autumn_harvest::parse_byte_size("256KiB"), Some(256 * 1024));
/// assert_eq!(autumn_harvest::parse_byte_size("4MB"), Some(4_000_000));
/// assert_eq!(autumn_harvest::parse_byte_size("invalid"), None);
/// ```
#[must_use]
#[allow(clippy::option_if_let_else)]
pub fn parse_byte_size(s: &str) -> Option<u64> {
    let s = s.trim();
    if s.is_empty() {
        return None;
    }
    let (digits, multiplier): (&str, u64) = if let Some(n) = s.strip_suffix("GiB") {
        (n.trim(), 1024 * 1024 * 1024)
    } else if let Some(n) = s.strip_suffix("GB") {
        (n.trim(), 1_000_000_000)
    } else if let Some(n) = s.strip_suffix("MiB") {
        (n.trim(), 1024 * 1024)
    } else if let Some(n) = s.strip_suffix("MB") {
        (n.trim(), 1_000_000)
    } else if let Some(n) = s.strip_suffix("KiB") {
        (n.trim(), 1024)
    } else if let Some(n) = s.strip_suffix("KB") {
        (n.trim(), 1_000)
    } else {
        (s, 1)
    };
    let n: u64 = digits.parse().ok()?;
    n.checked_mul(multiplier)
}

/// Parse a human-readable duration string like `"5m"`, `"30s"`, `"1h"`.
///
/// Used by macro-generated code — not intended for direct use.
#[doc(hidden)]
#[must_use]
pub fn task_duration(s: &str) -> Option<std::time::Duration> {
    let mut total_secs = 0u64;
    let mut current_num = String::new();

    for ch in s.chars() {
        if ch.is_ascii_digit() {
            if current_num == "0" {
                current_num.clear();
            }
            if current_num.len() > 20 {
                return None;
            }
            current_num.push(ch);
        } else if ch.is_ascii_alphabetic() {
            let num: u64 = current_num.parse().ok()?;
            current_num.clear();
            match ch {
                's' => total_secs = total_secs.checked_add(num)?,
                'm' => total_secs = total_secs.checked_add(num.checked_mul(60)?)?,
                'h' => total_secs = total_secs.checked_add(num.checked_mul(3600)?)?,
                'd' => total_secs = total_secs.checked_add(num.checked_mul(86400)?)?,
                _ => return None,
            }
        } else if ch != ' ' {
            return None;
        }
    }

    if !current_num.is_empty() || total_secs == 0 {
        return None;
    }

    Some(std::time::Duration::from_secs(total_secs))
}

#[cfg(test)]
mod tests {
    use super::task_duration;
    use std::time::Duration;

    #[cfg(feature = "db")]
    #[test]
    fn embedded_migrations_include_one_harvest_initial() {
        use diesel::migration::MigrationSource;
        use diesel::pg::Pg;

        let migrations =
            <diesel_migrations::EmbeddedMigrations as MigrationSource<Pg>>::migrations(
                &super::MIGRATIONS,
            )
            .expect("embedded migrations should load");
        let harvest_initial_count = migrations
            .iter()
            .filter(|migration| migration.name().to_string().ends_with("_harvest_initial"))
            .count();

        assert_eq!(harvest_initial_count, 1);
    }

    #[test]
    fn task_duration_parses_compound_values() {
        assert_eq!(task_duration("1h 30m"), Some(Duration::from_secs(5_400)));
        assert_eq!(task_duration("5s"), Some(Duration::from_secs(5)));
        assert_eq!(task_duration("2d"), Some(Duration::from_secs(172_800)));
    }

    #[test]
    fn task_duration_rejects_invalid_values() {
        assert_eq!(task_duration(""), None);
        assert_eq!(task_duration("5"), None);
        assert_eq!(task_duration("5x"), None);
    }

    #[test]
    fn task_duration_rejects_overflow() {
        assert_eq!(task_duration("18446744073709551615d"), None); // u64::MAX
        assert_eq!(task_duration("18446744073709551615h"), None); // u64::MAX
        assert_eq!(task_duration("18446744073709551615m"), None); // u64::MAX
        assert_eq!(task_duration("18446744073709551614s 2s"), None); // Add overflow
    }

    #[test]
    fn havoc_task_duration_oom_prevention() {
        // Attack: Provide an excessively long string of digits.
        // The implementation rejects it early instead of boundedly growing `current_num`.
        let massive_input = "1".repeat(100);
        let result = task_duration(&massive_input);
        assert_eq!(result, None);
    }

    #[test]
    fn task_duration_allows_zero_padded_values() {
        let zero_padded = format!("{}1s", "0".repeat(50));
        assert_eq!(task_duration(&zero_padded), Some(Duration::from_secs(1)));
        // 0s is rejected globally by task_duration, so we test None
        assert_eq!(task_duration("000000000000s"), None);
        assert_eq!(task_duration("0000010m"), Some(Duration::from_secs(600)));
    }
}